This is a discussion on Re: [Proftpd-user] any additional info on proftpd 1.3.0 remote - proftpd ; On Wed Nov 22 01:58:10 PM, Thomas L. Shinnick wrote:
[much snipped]
> I guess it really comes down to the simple question:
>
> Does this entire threat depend on the use of the
> CommandBufferSize directive,
> which ...

Re: [Proftpd-user] any additional info on proftpd 1.3.0 remote

On Wed Nov 22 01:58:10 PM, Thomas L. Shinnick wrote:

[much snipped]
> I guess it really comes down to the simple question:
>
> Does this entire threat depend on the use of the
> CommandBufferSize directive,
> which would have to be manually added to any sample starting
> configuration?
>
> If so, then we have a new definition of "reliable researcher":
> "not usually so _obviously_ profit-driven"